As mentioned previously, requiring certificates, and not allowing interactive logins, is safest.
But even if you decide to allow interactive logins, there are things you SHOULD do.
Disable admin/root login.
Update sshd so that only named users can log in via SSH; all other users that might be on the system cannot log in.
Require SSH 2 as mentioned in another email.
It probably helps too if the named user isn't a "common" name, like mark, etc., like I've seen in logs when I've perused them.
Running firewall tools that block IP addresses with several failed attempts.
And, of course, a strong password.
I've never set up certificates for my private, personal use to my box. But I've disabled root login, only 1 account can connect, ssh2 is required, I don't use a "common" name. And I have a strong password.
On Oct 24, 2009, at 7:56 AM, ML wrote:
Hi All,
With my new firewall in place, it has opened my eyes to how much traffic gets blocked in a single day and also what are the most active rules. I get *a lot* of requests for port 22.
How does one switch ssh ports? What is a good port to use? What ramifications does it have when I need to ssh in? Is it as simple as ssh user@host:port?
Best,
-ML
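Added example, not part of the original thread: a Python check of an sshd_config against the checklist in the reply above (root login disabled, an AllowUsers list without commonly guessed names, Protocol 2, password logins off). It reports an unset keyword as a finding because defaults differ between OpenSSH releases. Assumptions: the sample configs and the common-name list are constructed, the "certificates" item is mapped to `PasswordAuthentication no`, and the Protocol check only applies to OpenSSH releases that still accept that keyword.

```python
import re

# Constructed sample of commonly guessed account names (assumption, not from the thread's logs)
COMMON_NAMES = {"root", "admin", "test", "guest", "user", "mark"}

def parse_global(text):
    """Parse sshd_config text into {keyword: [args]}, global section only."""
    cfg = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        key, *args = re.split(r"[\s=]+", line)
        key = key.lower()                      # keywords are case-insensitive
        if key == "match":                     # conditional overrides start here
            cfg["match"] = args
            break
        if key == "allowusers":                # repeated AllowUsers lines accumulate
            cfg.setdefault(key, []).extend(args)
        else:                                  # otherwise the first value wins
            cfg.setdefault(key, args)
    return cfg

def first(cfg, key):
    """First argument of a keyword, lowercased, or '' when unset."""
    return (cfg.get(key) or [""])[0].lower()

def audit(text):
    """Return a list of findings; an unset keyword counts as a finding."""
    cfg, findings = parse_global(text), []
    if first(cfg, "permitrootlogin") != "no":
        findings.append("PermitRootLogin is not 'no'")
    users = cfg.get("allowusers", [])
    if not users:
        findings.append("no AllowUsers list restricting who may log in")
    for pattern in users:
        name = pattern.split("@", 1)[0].lower()   # AllowUsers entries may be user@host
        if name in COMMON_NAMES:
            findings.append(f"AllowUsers has commonly guessed name '{name}'")
    if first(cfg, "protocol") != "2":
        findings.append("Protocol is not exactly '2'")
    if first(cfg, "passwordauthentication") != "no":
        findings.append("PasswordAuthentication is not 'no'")
    if "match" in cfg:
        findings.append("Match block present: review its overrides by hand")
    return findings

WEAK = "Port 22\nProtocol 2,1\nPermitRootLogin yes\nAllowUsers mark\n"   # constructed
HARDENED = ("Protocol 2\nPermitRootLogin no\nPermitRootLogin yes\n"     # constructed
            "PasswordAuthentication no\nAllowUsers kestrel_ops\n")

if __name__ == "__main__":
    for label, conf in (("weak", WEAK), ("hardened", HARDENED)):
        print(label, audit(conf) or "no findings")
```

The second `PermitRootLogin yes` in the hardened sample is ignored because sshd uses the first value it reads for a keyword, so a hardening line appended at the bottom of a file that already sets the option has no effect.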